what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files Date: 2015-08-14

Ubuntu Security Notice USN-2709-1
Posted Aug 14, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2709-1 - The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the new certificate for the server.

tags | advisory
systems | linux, ubuntu
SHA-256 | 515b8d6dbe355a16da8fb1581c572dc3b3ca25de060b3ca51000881d8e51f64b
Ubuntu Security Notice USN-2710-1
Posted Aug 14, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2710-1 - Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this issue could allow a remote attacker to perform user impersonation. Moritz Jodeit discovered that OpenSSH incorrectly handled context memory when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this issue could allow a remote attacker to bypass authentication or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-5352, CVE-2015-5600
SHA-256 | 5e6d369a707bc3cd52edbf61992614fe1906738d5016b5215cd4d7307a0c93fe
SAP Afaria 7 Buffer Overflow
Posted Aug 14, 2015
Authored by Dmitry Chastukhin

SAP Afaria 7 suffers from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-4092
SHA-256 | af1eb12bb6ea9b28172a2499e235592204d5c6e5405e08d2b1b8ef6f471f8c15
Google Admin WebView Sandbox Bypass
Posted Aug 14, 2015
Authored by Vahagn Vardanyan

An issue was found when the Google Admin application received a URL via an IPC call from any other application on the same device. The Admin application would load this URL in a webview within its own activity. If an attacker used a file:// URL to a file that they controlled, then it is possible to use symbolic links to bypass Same Origin Policy and retrieve data out of the Google Admin sandbox.

tags | advisory, bypass
SHA-256 | fe1cf8309000f17cec08e939b1bf7ce76af4a964b50042b4e935fea7d6db7d68
Dismantling Megamos Crypto: Wirelessly Lockpicking A Vehicle Immobilizer
Posted Aug 14, 2015
Authored by Baris Ege, Roel Verdult, Flavio D. Garcia

The Megamos Crypto transponder is used in one of the most widely deployed electronic vehicle immobilizers. It is used among others in most Audi, Fiat, Honda, Volkswagen and Volvo cars. Such an immobilizer is an anti-theft device which prevents the engine of the vehicle from starting when the corresponding transponder is not present. This transponder is a passive RFID tag which is embedded in the key of the vehicle. In this paper, the authors have reverse-engineered all proprietary security mechanisms of the transponder, including the cipher and the authentication protocol which we publish here in full detail. This article reveals several weaknesses in the design of the cipher, the authentication protocol and also in their implementation.

tags | paper, cryptography, protocol
SHA-256 | e8819e38284ae00f42181afdbb067dcbb1901e3845adf87a0c7b6914ed3d9c52
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close